AgentSkillsCN

api-gateway

API网关,支持经由托管认证机制调用第三方API。当用户希望与Slack、HubSpot、Salesforce、Google Workspace、Stripe、Shopify等外部服务进行交互时,可使用此技能。

SKILL.md
--- frontmatter
name: api-gateway
description: |
  API gateway for calling third-party APIs with managed auth. Use this skill when users want to interact with external services like Slack, HubSpot, Salesforce, Google Workspace, Stripe, Shopify, and more.
compatibility: Requires network access and valid Maton API key
metadata:
  author: maton
  version: "1.0"

API Gateway

Passthrough proxy for direct access to third-party APIs using managed auth connections. The API gateway lets you call native API endpoints directly.

Quick Start

bash
# Native Slack API call
curl -s -X POST 'https://gateway.maton.ai/slack/api/chat.postMessage' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -d '{"channel": "C0123456", "text": "Hello from gateway!"}'

Base URL

code
https://gateway.maton.ai/{app}/{native-api-path}

Replace {app} with the service name and {native-api-path} with the actual API endpoint path.

Authentication

All requests require the Maton API key in the Authorization header:

code
Authorization: Bearer YOUR_API_KEY

The API gateway automatically injects the appropriate OAuth token for the target service.

Environment Variable: You can set your API key as the MATON_API_KEY environment variable:

bash
export MATON_API_KEY="YOUR_API_KEY"

Getting Your API Key

  1. Sign in or create an account at maton.ai
  2. Go to maton.ai/settings
  3. Click the copy button on the right side of API Key section to copy it

Connection Management

Connection management uses a separate base URL: https://ctrl.maton.ai

List Connections

bash
curl -s -X GET 'https://ctrl.maton.ai/connections?app=slack&status=ACTIVE' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Query Parameters (optional):

  • app - Filter by service name (e.g., slack, hubspot, salesforce)
  • status - Filter by connection status (ACTIVE, PENDING, FAILED)

Response:

json
{
  "connections": [
    {
      "connection_id": "21fd90f9-5935-43cd-b6c8-bde9d915ca80",
      "status": "ACTIVE",
      "creation_time": "2025-12-08T07:20:53.488460Z",
      "last_updated_time": "2026-01-31T20:03:32.593153Z",
      "url": "https://connect.maton.ai/?session_token=5e9...",
      "app": "slack",
      "metadata": {}
    }
  ]
}

Create Connection

bash
curl -s -X POST 'https://ctrl.maton.ai/connections' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -d '{"app": "slack"}'

Get Connection

bash
curl -s -X GET 'https://ctrl.maton.ai/connections/21fd90f9-5935-43cd-b6c8-bde9d915ca80' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Response:

json
{
  "connection": {
    "connection_id": "21fd90f9-5935-43cd-b6c8-bde9d915ca80",
    "status": "ACTIVE",
    "creation_time": "2025-12-08T07:20:53.488460Z",
    "last_updated_time": "2026-01-31T20:03:32.593153Z",
    "url": "https://connect.maton.ai/?session_token=5e9...",
    "app": "slack",
    "metadata": {}
  }
}

Open the returned URL in a browser to complete OAuth.

Delete Connection

bash
curl -s -X DELETE 'https://ctrl.maton.ai/connections/21fd90f9-5935-43cd-b6c8-bde9d915ca80' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Specifying Connection

If you have multiple connections for the same app, you can specify which connection to use by adding the Maton-Connection header with the connection ID:

bash
curl -s -X POST 'https://gateway.maton.ai/slack/api/chat.postMessage' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Maton-Connection: 21fd90f9-5935-43cd-b6c8-bde9d915ca80' \
  -d '{"channel": "C0123456", "text": "Hello!"}'

If omitted, the gateway uses the default (oldest) active connection for that app.

Supported Services

ServiceApp NameBase URL Proxied
Airtableairtableapi.airtable.com
Apolloapolloapi.apollo.io
Chargebeechargebee{subdomain}.chargebee.com
Google Adsgoogle-adsgoogleads.googleapis.com
Google Analytics Admingoogle-analytics-adminanalyticsadmin.googleapis.com
Google Analytics Datagoogle-analytics-dataanalyticsdata.googleapis.com
Google Calendargoogle-calendarwww.googleapis.com
Google Docsgoogle-docsdocs.googleapis.com
Google Drivegoogle-drivewww.googleapis.com
Google Formsgoogle-formsforms.googleapis.com
Gmailgoogle-mailgmail.googleapis.com
Google Search Consolegoogle-search-consolewww.googleapis.com
Google Sheetsgoogle-sheetssheets.googleapis.com
HubSpothubspotapi.hubapi.com
Jirajiraapi.atlassian.com
JotFormjotformapi.jotform.com
Notionnotionapi.notion.com
QuickBooksquickbooksquickbooks.api.intuit.com
Salesforcesalesforce{instance}.salesforce.com
Shopifyshopify{subdomain}.myshopify.com (GraphQL API)
Slackslackslack.com
Stripestripeapi.stripe.com
Typeformtypeformapi.typeform.com
Xeroxeroapi.xero.com

See references/ for detailed routing guides per provider:

Examples

Slack - Post Message (Native API)

bash
# Native Slack API: POST https://slack.com/api/chat.postMessage
curl -s -X POST 'https://gateway.maton.ai/slack/api/chat.postMessage' \
  -H 'Content-Type: application/json; charset=utf-8' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -d '{"channel": "C0123456", "text": "Hello!"}'

HubSpot - Create Contact (Native API)

bash
# Native HubSpot API: POST https://api.hubapi.com/crm/v3/objects/contacts
curl -s -X POST 'https://gateway.maton.ai/hubspot/crm/v3/objects/contacts' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -d '{
    "properties": {
      "email": "john@example.com",
      "firstname": "John",
      "lastname": "Doe"
    }
  }'

Google Sheets - Get Spreadsheet Values (Native API)

bash
# Native Sheets API: GET https://sheets.googleapis.com/v4/spreadsheets/{id}/values/{range}
curl -s -X GET 'https://gateway.maton.ai/google-sheets/v4/spreadsheets/122BS1sFN2RKL8AOUQjkLdubzOwgqzPT64KfZ2rvYI4M/values/Sheet1!A1:B2' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Salesforce - SOQL Query (Native API)

bash
# Native Salesforce API: GET https://{instance}.salesforce.com/services/data/v64.0/query?q=...
curl -s -X GET 'https://gateway.maton.ai/salesforce/services/data/v64.0/query?q=SELECT+Id,Name+FROM+Contact+LIMIT+10' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Airtable - List Tables (Native API)

bash
# Native Airtable API: GET https://api.airtable.com/v0/meta/bases/{id}/tables
curl -s -X GET 'https://gateway.maton.ai/airtable/v0/meta/bases/appgqan2NzWGP5sBK/tables' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Notion - Query Database (Native API)

bash
# Native Notion API: POST https://api.notion.com/v1/data_sources/{id}/query
curl -s -X POST 'https://gateway.maton.ai/notion/v1/data_sources/23702dc5-9a3b-8001-9e1c-000b5af0a980/query' \
  -H 'Content-Type: application/json' \
  -H 'Authorization: Bearer YOUR_API_KEY' \
  -H 'Notion-Version: 2025-09-03' \
  -d '{}'

Stripe - List Customers (Native API)

bash
# Native Stripe API: GET https://api.stripe.com/v1/customers
curl -s -X GET 'https://gateway.maton.ai/stripe/v1/customers?limit=10' \
  -H 'Authorization: Bearer YOUR_API_KEY'

Code Examples

JavaScript (Node.js)

javascript
const response = await fetch('https://gateway.maton.ai/slack/api/chat.postMessage', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Authorization': `Bearer ${process.env.MATON_API_KEY}`
  },
  body: JSON.stringify({ channel: 'C0123456', text: 'Hello!' })
});

Python

python
import os
import requests

response = requests.post(
    'https://gateway.maton.ai/slack/api/chat.postMessage',
    headers={'Authorization': f'Bearer {os.environ["MATON_API_KEY"]}'},
    json={'channel': 'C0123456', 'text': 'Hello!'}
)

Error Handling

StatusMeaning
400Missing connection for the requested app
401Invalid or missing Maton API key
429Rate limited (10 requests/second per account)
4xx/5xxPassthrough error from the target API

Errors from the target API are passed through with their original status codes and response bodies.

Rate Limits

  • 10 requests per second per account
  • Target API rate limits also apply

Tips

  1. Use native API docs: Refer to each service's official API documentation for endpoint paths and parameters.

  2. Headers are forwarded: Custom headers (except Host and Authorization) are forwarded to the target API.

  3. Query params work: URL query parameters are passed through to the target API.

  4. All HTTP methods supported: GET, POST, PUT, PATCH, DELETE are all supported.

  5. QuickBooks special case: Use :realmId in the path and it will be replaced with the connected realm ID.

Optional